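Users
Код (Text):
users | CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `email` varchar(255) NOT NULL,
  `phone` varchar(22) NOT NULL,
  `password` varchar(64) NOT NULL,
  `righgts` varchar(60) NOT NULL,
  `verify_key` varchar(65) NOT NULL,
  `activated` int(11) NOT NULL,
  `recovery_key` varchar(65) NOT NULL,
  `recovery_key_life` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `auth_key` varchar(255) NOT NULL,
  `accessToken` varchar(255) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=37 DEFAULT CHARSET=utf
--- Добавлено ---
SiteController
PHP:
<?php

namespace app\controllers;

use Yii;
use yii\filters\AccessControl;
use yii\web\Controller;
use yii\web\Response;
use yii\filters\VerbFilter;
use app\models\LoginForm;
use app\models\RegisterForm;
use app\models\ContactForm;
use app\models\Users;
use app\helper\DBHelper;
use app\models\Category;
use app\models\Products;
use app\models\News;
use \app\models\Purchases;
use yii\data\Pagination;
use yii\data\ActiveDataProvider;
use yii\helpers\Html;
use yii\widgets\ActiveForm;

/**
 * Account actions: login, logout, registration, e-mail confirmation,
 * password recovery and profile settings.
 *
 * Every lookup and write in this class goes through Yii's query builder or
 * ActiveRecord, which bind values as parameters. Manual SQL escaping of the
 * same values is therefore unnecessary and only corrupts stored data, so the
 * DBHelper::mysql_escape() calls were dropped.
 *
 * NOTE(review): actionLogin() finds the user by `password = passwordHash(input)`,
 * which only works if Users::passwordHash() is deterministic (no per-user salt).
 * The helper is not visible here - confirm, and plan a migration to
 * password_hash()/password_verify(); the 64-character `password` column would
 * have to be widened for that.
 *
 * NOTE(review): AccessControl and VerbFilter are imported, but no behaviors()
 * method is visible in this listing. Confirm that logout and settings are
 * restricted at the framework level as well.
 */
class SiteController extends Controller
{
    /**
     * Authenticates a user from the posted LoginForm fields.
     *
     * @return mixed redirect on success, otherwise the rendered login form
     */
    public function actionLogin()
    {
        if (!Yii::$app->user->isGuest) {
            return $this->goHome();
        }

        $model = new LoginForm();
        $user = new Users();

        $form = Yii::$app->request->post('LoginForm');
        if (is_array($form)) {
            // Only plain strings are accepted: an array value in a hash-format
            // where() would be expanded into an IN (...) condition.
            $email = self::postedString($form, 'username');
            $password = self::postedString($form, 'password');
            $remember = !empty($form['rememberMe']);

            $found = null;
            if ($email !== '' && $password !== '') {
                $found = Users::find()
                    ->where(['email' => $email, 'password' => Users::passwordHash($password)])
                    ->one();
            }

            if ($found !== null) {
                $user = $found;
                $user->scenario = "login";
                if ($user->activated != 0) {
                    Yii::$app->user->login($user, $remember ? 3600 * 24 * 30 : 0);
                    return $this->goBack();
                }
                $user->addError('email', 'Account not activated');
                // Never hand the stored hash to the view (in-memory only, not saved).
                $user->password = '';
            } else {
                // Echo back the e-mail only; the password hash must not reach the form.
                $user = new Users();
                $user->email = $email;
                $user->addError('email', 'Incorrect login or password');
            }
        }

        $model->password = '';
        return $this->render('login', [
            'model' => $model,
            'user' => $user
        ]);
    }

    /**
     * Ends the current session and returns to the home page.
     */
    public function actionLogout()
    {
        Yii::$app->user->logout();
        return $this->goHome();
    }

    /**
     * Renders the static "about" page.
     */
    public function actionAbout()
    {
        return $this->render('about');
    }

    /**
     * Activates an account from the link sent at registration.
     *
     * @param mixed $id user id taken from the link
     * @param mixed $verify_key activation token taken from the link
     */
    public function actionConfirm($id, $verify_key)
    {
        $model = null;
        // An empty token must never match a row.
        if (is_string($verify_key) && $verify_key !== '') {
            $model = Users::findOne(['id' => $id, 'verify_key' => $verify_key]);
        }

        if ($model === null) {
            $message = "User not found";
        } elseif ($model->activated != 1) {
            Yii::$app->db->createCommand()
                ->update('users', ['activated' => 1], 'id = :id', [':id' => $model->id])
                ->execute();
            $message = "Registration confirmed";
        } else {
            $message = "Already activated";
        }

        return $this->render('message', [
            'message' => $message
        ]);
    }

    /**
     * Creates an inactive account and e-mails the activation link.
     */
    public function actionRegister()
    {
        $model = new RegisterForm;
        $newUser = new Users();
        $newUser->activated = 0;
        $newUser->scenario = "register";

        $request = Yii::$app->request;

        // The original called CActiveForm::validate() and Yii::app()->end(), which
        // are Yii 1 APIs and do not exist in this Yii 2 controller.
        if ($request->post('ajax') === 'register-form') {
            Yii::$app->response->format = Response::FORMAT_JSON;
            return ActiveForm::validate($model);
        }

        $form = $request->post('RegisterForm');
        if (is_array($form)) {
            $password = self::postedString($form, 'password');
            $newUser->password = $password;
            $newUser->password2 = self::postedString($form, 'password2');
            $newUser->email = self::postedString($form, 'email');
            $newUser->phone = self::postedString($form, 'phone');
            // Activation token from the framework CSPRNG (URL-safe alphabet).
            $newUser->verify_key = Yii::$app->security->generateRandomString(32);

            if ($password === '') {
                $newUser->addError("password", "Password cannot be empty");
            }
            if ($newUser->password !== $newUser->password2) {
                $newUser->addError("password2", "Passwords do not match");
            }
            if (!filter_var($newUser->email, FILTER_VALIDATE_EMAIL)) {
                $newUser->addError("email", "It is not email");
            }

            // save() re-validates and clears errors added by hand, so the checks
            // above have to gate the save explicitly.
            if (!$newUser->hasErrors()) {
                $newUser->password = Users::passwordHash($password);
                if ($newUser->save()) {
                    $activateString = $this->buildLink('site/confirm', [
                        'id' => $newUser->id,
                        'verify_key' => $newUser->verify_key,
                    ]);
                    $this->sendHtmlMail(
                        $newUser->email,
                        'Registration completed successfully',
                        'registration confirm: <a href="' . Html::encode($activateString) . '">account activation</a>'
                    );

                    return $this->render('message', [
                        'message' => "Registration complite, check your email"
                    ]);
                }
            }

            // Neither the clear-text password nor its hash goes back into the form.
            $newUser->password = '';
            $newUser->password2 = '';
        }

        return $this->render('register', [
            'model' => $model,
            'user' => $newUser
        ]);
    }

    /**
     * Issues a recovery token for the posted e-mail address and mails the reset link.
     *
     * NOTE(review): the distinct "User not found" error reveals which addresses
     * are registered. Consider answering identically in both cases.
     */
    public function actionRecovery()
    {
        $user = new Users();
        $email = self::postedString(Yii::$app->request->post('Users'), 'email');

        if ($email !== '') {
            $found = Users::find()->where(["email" => $email])->one();
            if ($found === null) {
                $user->addError("email", "User not found");
            } else {
                $recoveryKey = Yii::$app->security->generateRandomString(32);
                Yii::$app->db->createCommand()
                    ->update('users', ['recovery_key' => $recoveryKey], 'id = :id', [':id' => $found->id])
                    ->execute();

                $recoveryString = $this->buildLink('site/resetpassword', [
                    'id' => $found->id,
                    'recovery_key' => $recoveryKey,
                ]);
                $this->sendHtmlMail(
                    $found->email,
                    'Recovery password',
                    'Recovery address: <a href="' . Html::encode($recoveryString) . '">account recovery</a>'
                );

                return $this->render('message', [
                    'message' => 'Recovery password'
                ]);
            }
        }

        return $this->render('recovery', [
            'model' => $user
        ]);
    }

    /**
     * Consumes a recovery token: sets a new random password and e-mails it.
     *
     * NOTE(review): the `recovery_key_life` column is never checked, so tokens do
     * not expire. Enforce a lifetime once the PHP/MySQL timezone handling is
     * confirmed.
     * NOTE(review): this changes state on a GET request, so anything that
     * prefetches the link triggers the reset. A POST-confirmed form that lets the
     * user choose the password would be safer.
     *
     * @param mixed $id user id taken from the link
     * @param mixed $recovery_key recovery token taken from the link
     */
    public function actionResetpassword($id, $recovery_key)
    {
        $user = null;
        // `recovery_key` is NOT NULL in the schema, so an account that never asked
        // for recovery presumably stores an empty string. An empty token must
        // never match, or any such account could be reset by id alone.
        if (is_string($recovery_key) && $recovery_key !== '') {
            $user = Users::findOne(['id' => $id, 'recovery_key' => $recovery_key]);
        }

        if ($user !== null) {
            $passwordClear = Yii::$app->security->generateRandomString(12);
            $password = Users::passwordHash($passwordClear);

            // Set the password and clear the token in one conditional UPDATE, so
            // each link works exactly once.
            $affected = Yii::$app->db->createCommand()
                ->update(
                    'users',
                    ['password' => $password, 'recovery_key' => ''],
                    'id = :id AND recovery_key = :key',
                    [':id' => $user->id, ':key' => $recovery_key]
                )
                ->execute();

            if ($affected > 0) {
                // The original mailed $user->password (the old stored hash) and
                // printed the new clear-text password on the page. The new
                // password now goes to the mailbox only.
                $this->sendHtmlMail(
                    $user->email,
                    'New password ',
                    "New password: " . Html::encode($passwordClear)
                );

                return $this->render('message', [
                    'message' => "New password send to your email address"
                ]);
            }
        }

        // The original returned nothing here, which produced an empty response.
        return $this->render('message', [
            'message' => "Recovery link is invalid"
        ]);
    }

    /**
     * Lets the signed-in user change the password and phone number.
     *
     * NOTE(review): the current password is not requested, so a hijacked session
     * can take over the account. Consider requiring it.
     */
    public function actionSettings()
    {
        if (Yii::$app->user->isGuest) {
            // Without this guard a guest request dereferences a null user below.
            return Yii::$app->user->loginRequired();
        }

        $id = Yii::$app->user->id;
        $user = Users::find()->where('id = :id', [':id' => $id])->one();
        if ($user === null) {
            return $this->goHome();
        }

        $user->password = "";
        $message = "Password has ben changed";

        $form = Yii::$app->request->post('Users');
        if (is_array($form) && !empty($form)) {
            $password = self::postedString($form, 'password');
            $user->password2 = self::postedString($form, 'password2');
            $user->password = $password;
            $user->phone = self::postedString($form, 'phone');

            if ($password === '') {
                // The original hashed and stored an empty password here.
                $user->addError("password", "Password cannot be empty");
            } elseif ($user->password !== $user->password2) {
                $user->addError("password2", "Passwords do not match");
            } else {
                $user->password = Users::passwordHash($password);
                // Report success only when the record was actually written.
                if ($user->save()) {
                    return $this->render('message', [
                        'message' => $message
                    ]);
                }
            }

            $user->password = "";
            $user->password2 = "";
        }

        return $this->render('settings', [
            'model' => $user
        ]);
    }

    /**
     * Returns $data[$key] when it is a string, otherwise an empty string.
     *
     * @param mixed $data posted form data, expected to be an array
     * @param string $key field name
     * @return string
     */
    private static function postedString($data, $key)
    {
        if (is_array($data) && isset($data[$key]) && is_string($data[$key])) {
            return $data[$key];
        }
        return '';
    }

    /**
     * Builds an absolute link to a route of this site with URL-encoded parameters.
     *
     * @param string $route route such as "site/confirm"
     * @param array $params query parameters
     * @return string
     */
    private function buildLink($route, array $params)
    {
        return \Yii::$app->params['host'] . 'index.php?r=' . $route . '&' . http_build_query($params, '', '&');
    }

    /**
     * Sends an HTML e-mail with the site's fixed sender headers.
     *
     * Each header is terminated by CRLF. The original concatenated the
     * Content-type and X-Mailer headers without a separator, which corrupted the
     * charset. The X-Mailer header is omitted because it disclosed the PHP version.
     *
     * @param string $to recipient address
     * @param string $subject subject line
     * @param string $html message body
     * @return bool whether the message was handed to the mail transport
     */
    private function sendHtmlMail($to, $subject, $html)
    {
        // A recipient containing line breaks could smuggle additional headers.
        if (!is_string($to) || preg_match('/[\r\n]/', $to)) {
            return false;
        }

        $headers = implode("\r\n", [
            'From: admin@noreply.com',
            'MIME-Version: 1.0',
            'Reply-To: admin@noreply.com',
            'Content-type: text/html; charset=utf-8',
        ]);

        $sent = mail($to, $subject, $html, $headers);
        if (!$sent) {
            Yii::error('Failed to hand message to the mail transport', __METHOD__);
        }
        return $sent;
    }
}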